package com.sairobo.live.auth.impl;


import com.sairobo.live.admin.AdminServiceFeign;
import com.sairobo.live.auth.TokenAuth;
import com.sairobo.live.token.TokenServiceFeign;
import com.sairobo.live.util.UrlUtil;
import com.netflix.zuul.context.RequestContext;
import io.jsonwebtoken.Claims;

import java.util.List;

/**
 * admin后台管理token校验实现
 */
public class AdminTokenAuth extends TokenAuth {

    private AdminServiceFeign adminServiceFeign;

    public AdminTokenAuth(String prefix, String[] urlPatterns, TokenServiceFeign tokenServiceFeign, AdminServiceFeign adminServiceFeign) {
        super(prefix, urlPatterns, tokenServiceFeign);
        this.adminServiceFeign = adminServiceFeign;
    }

    @Override
    protected void tokenAvailable(RequestContext requestContext,String token,Claims claims) {
//        String requestUrl = requestContext.getRequest().getRequestURI();
//        String userID = claims.getSubject();
//        if (checkUrlInResourceSetting(requestUrl)) {
//            //如果是需要鉴权的url
//            if (authUrl(requestUrl, userID)) {
//                //判断该角色是否能访问
//                // 如果可访问该url
//                AccessStateHelper.accessSuccess(requestContext, userID);
//                // 并且自动为该token续租
//                tokenServiceFeign.tokenAutoPay(token);
//            } else {
//                // 如果不可访问该url
//                AccessStateHelper.accessFailure401(requestContext, 4, "您无访问该接口权限!");
//            }
//        } else {
//            //如果是不需要鉴权的url
//            AccessStateHelper.accessSuccess(requestContext, userID);
//            // 并且自动为该token续租
//            tokenServiceFeign.tokenAutoPay(token);
//        }
    }

    /**
     * 判断URL是否是资源列表中的配置项,如果是则进入权限判断,如果不是则直接通过
     *
     * @param url 请求url
     * @return boolean类型执行结果
     */
    private boolean checkUrlInResourceSetting(String url) {
        List<String> urls = adminServiceFeign.listResourceUrl();
        boolean state = false;
        for (String temp_urls : urls) {
            if (url.equals(temp_urls)) {
                state = true;
                break;
            }
        }
        return state;
    }

    /**
     * 判断获取当前用户授权url列表
     *
     * @param url    请求url
     * @param userID 用户Id
     * @return boolean类型执行反馈
     */
    private boolean authUrl(String url, String userID) {
        List<String> urls = adminServiceFeign.listAuthUrl(userID);
        return UrlUtil.urlAntPathMatchForPatterns(url, urls);
    }
}
